From nobody Thu May 09 00:49:45 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VZYLx5KGNz5K5W4; Thu, 09 May 2024 00:49:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VZYLx1Pzxz4mwF; Thu, 9 May 2024 00:49:45 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1715215785; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=E7AqHVKkZYz2rCDs5ZEswcUJ8qRkJxDZeitB/J1HPY4=; b=i4jdbMSUcPNke6cx9b94XNNYkbPBnWZEHd2sLZaMY7tT0T7ocu78qOIOEE8K9MEUaRgzIb G8QoMMhnY8SXfD7LZfdr3q7kHGCVkZypmsk0QcH+fN+mAP/ugZEQNOh49zbL5KMPGonaq5 jC/6jWMKDgjCuk98rUMfAA65h8MlrkWHjAM+tcDhWTQDzonTtczfKlhL4kG22iepHtkklJ HlOuNzApkP68LDxqg3xT2EUOOrB6O+mlMfDPLcwtaB4S1IaSmX2DwJ7+NYs8YzQsx/UgYe q0y7UBdH7pKSeX/gSSXYGoCLtUxKoAeQD6+rc2sRBRyIrGLVoAMyEHL1XtHisw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1715215785; a=rsa-sha256; cv=none; b=rxCozKKCxFxRtFvemRwJEJ7epkOFVrCBKS3GxBgdzy3QiaDgjV9yCBhQzCSrRUgD88K2ZR Sz1CH0PBuXCL4A/NqZNWlk+0sUFqBN/G0Ns3p/133UThShfFhzzrAW9Xhp0qM4pDXjxDgl q34nRkoixpvfLXUTAl3zP/GLXj+/OBurm0OK7TgcavrP6ec0cDWAONIhAXzN+3MsV4j6is SOcQwvE4kg4x95Wmvl3Mr1M0S3KPqZvbAZ98YgD7fMtjCfElvsbDex5TBOdYDjksCTqjrI WAhK95wR+dAuov8PBtqrqWNfr8fL02y3LSTbCg6JTIXqumzR+zDoxeffz1GttA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1715215785; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=E7AqHVKkZYz2rCDs5ZEswcUJ8qRkJxDZeitB/J1HPY4=; b=Ke8rGDNwFloyT3vSTc0GXioEJq1J1EglT8I3JpKrFWlnO5YIap8Siipv2DrcNgR5oR+P1/ wmoIi8qdtpHCuQVrShkQi4noUDROdPBE9blNnUMOeyv2UxbxuMUSLT2sQsO+P1if6f0djy atbSJUfnmu8be186Oy7m4RgS3RuIo1ga82vL4CQIkTzVaxGz+cERyOb8Ti0XqsoWMBA2E8 npPKyQPdfQ1WkJKuQHEfGalRIOzxjn3zb67k6lgvBPsD6UhbCd/XA11nja017QCy0KwiwS TIbBRlFIYJHT8LzlsJVQEubNOvqP/cOOPPssBYAL/VYQfyW0qNIcMy78OUSs9w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VZYLx12GwznG5; Thu, 9 May 2024 00:49:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 4490njrt063727; Thu, 9 May 2024 00:49:45 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 4490njs8063724; Thu, 9 May 2024 00:49:45 GMT (envelope-from git) Date: Thu, 9 May 2024 00:49:45 GMT Message-Id: <202405090049.4490njs8063724@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Adrian Chadd Subject: git: c2a005a0a97d - main - net80211: add new ciphers and RSN flags List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: adrian X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c2a005a0a97d98472d81c5c9606e5d6e546dd40a Auto-Submitted: auto-generated The branch main has been updated by adrian: URL: https://cgit.FreeBSD.org/src/commit/?id=c2a005a0a97d98472d81c5c9606e5d6e546dd40a commit c2a005a0a97d98472d81c5c9606e5d6e546dd40a Author: Adrian Chadd AuthorDate: 2024-04-19 14:05:44 +0000 Commit: Adrian Chadd CommitDate: 2024-05-09 00:49:34 +0000 net80211: add new ciphers and RSN flags These are the rest of the ciphers and RSN flags from 802.11-2016. * add the rest of the ciphers from 802.11-2016 * add the rest of the RSN flags from 802.11-2016 Of special interest here are the extended key ID field for supporting >1 unicast key (to support seamless rekeying w/out dropping frames) and the MFP (management frame protection) config bits. This is a no-op; no code is using these new fields. (In particular, no code in net80211 uses the RSN capability bits; but that will change when we start on MFP support.) Differential Revision: https://reviews.freebsd.org/D44864 --- sys/net80211/ieee80211.h | 67 ++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 54 insertions(+), 13 deletions(-) diff --git a/sys/net80211/ieee80211.h b/sys/net80211/ieee80211.h index 47e496bf42a1..fe2a0a7f3b64 100644 --- a/sys/net80211/ieee80211.h +++ b/sys/net80211/ieee80211.h @@ -1266,7 +1266,7 @@ struct ieee80211_csa_ie { #define WPA_CSE_NULL 0x00 #define WPA_CSE_WEP40 0x01 #define WPA_CSE_TKIP 0x02 -#define WPA_CSE_CCMP 0x04 +#define WPA_CSE_CCMP 0x04 /* CCMP 128-bit */ #define WPA_CSE_WEP104 0x05 #define WPA_ASE_NONE 0x00 @@ -1275,21 +1275,62 @@ struct ieee80211_csa_ie { #define WPS_OUI_TYPE 0x04 +/* 802.11-2016 Table 9-131 - Cipher Suite Selectors */ #define RSN_OUI 0xac0f00 #define RSN_VERSION 1 /* current supported version */ -#define RSN_CSE_NULL 0x00 -#define RSN_CSE_WEP40 0x01 -#define RSN_CSE_TKIP 0x02 -#define RSN_CSE_WRAP 0x03 -#define RSN_CSE_CCMP 0x04 -#define RSN_CSE_WEP104 0x05 - -#define RSN_ASE_NONE 0x00 -#define RSN_ASE_8021X_UNSPEC 0x01 -#define RSN_ASE_8021X_PSK 0x02 - -#define RSN_CAP_PREAUTH 0x01 +/* RSN cipher suite element */ +#define RSN_CSE_NULL 0 +#define RSN_CSE_WEP40 1 +#define RSN_CSE_TKIP 2 +#define RSN_CSE_WRAP 3 /* Reserved in the 802.11-2016 */ +#define RSN_CSE_CCMP 4 /* CCMP 128 bit */ +#define RSN_CSE_WEP104 5 +#define RSN_CSE_BIP_CMAC_128 6 +/* 7 - "Group addressed traffic not allowed" */ +#define RSN_CSE_GCMP_128 8 +#define RSN_CSE_GCMP_256 9 +#define RSN_CSE_CCMP_256 10 +#define RSN_CSE_BIP_GMAC_128 11 +#define RSN_CSE_BIP_GMAC_256 12 +#define RSN_CSE_BIP_CMAC_256 13 + +/* 802.11-2016 Table 9-133 - AKM suite selectors */ +/* RSN AKM suite element */ +#define RSN_ASE_NONE 0 +#define RSN_ASE_8021X_UNSPEC 1 +#define RSN_ASE_8021X_PSK 2 +#define RSN_ASE_FT_8021X 3 /* SHA-256 */ +#define RSN_ASE_FT_PSK 4 /* SHA-256 */ +#define RSN_ASE_8021X_UNSPEC_SHA256 5 +#define RSN_ASE_8021X_PSK_SHA256 6 +#define RSN_ASE_8021X_TDLS 7 /* SHA-256 */ +#define RSN_ASE_SAE_UNSPEC 8 /* SHA-256 */ +#define RSN_ASE_FT_SAE 9 /* SHA-256 */ +#define RSN_ASE_AP_PEERKEY 10 /* SHA-256 */ +#define RSN_ASE_8021X_SUITE_B_SHA256 11 +#define RSN_ASE_8021X_SUITE_B_SHA384 12 +#define RSN_ASE_FT_8021X_SHA384 13 + +/* 802.11-2016 Figure 9-257 - RSN Capabilities (2 byte field) */ +#define RSN_CAP_PREAUTH 0x0001 +#define RSN_CAP_NO_PAIRWISE 0x0002 +#define RSN_CAP_PTKSA_REPLAY_COUNTER 0x000c /* 2 bit field */ +#define RSN_CAP_GTKSA_REPLAY_COUNTER 0x0030 /* 2 bit field */ +#define RSN_CAP_MFP_REQUIRED 0x0040 +#define RSN_CAP_MFP_CAPABLE 0x0080 +#define RSN_CAP_JOINT_MULTIBAND_RSNA 0x0100 +#define RSN_CAP_PEERKEY_ENABLED 0x0200 +#define RSN_CAP_SPP_AMSDU_CAPABLE 0x0400 +#define RSN_CAP_SPP_AMSDU_REQUIRED 0x0800 +#define RSN_CAP_PBAC_CAPABLE 0x1000 +#define RSN_CAP_EXT_KEYID_CAPABLE 0x0200 + +/* 802.11-2016 Table 9-134 PTKSA/GTKSA/STKSA replay counters usage */ +#define RSN_CAP_REPLAY_COUNTER_1_PER 0 +#define RSN_CAP_REPLAY_COUNTER_2_PER 1 +#define RSN_CAP_REPLAY_COUNTER_4_PER 2 +#define RSN_CAP_REPLAY_COUNTER_16_PER 3 #define WME_OUI 0xf25000 #define WME_OUI_TYPE 0x02